The week in security: Trust us, we're the government

Much of the problem with today's security environment is that it's hard to know who to trust – but the US Department of Justice believes it has the answer: companies should trust the government's efforts around cybersecurity more than they currently do, the DOJ is suggesting. The same goes in Australia, where the newly formed Australian Cyber Security Centre was soliciting reports of security breaches to inform its work.

Yet perhaps Google is more deserving of that trust, after CEO Eric Schmidt revealed that the company had moved quickly to secure personal data on its services after revelations of NSA spying emerged last year.

The notorious POODLE flaw was said to have returned, with sysadmins warned to check their vulnerability status; while they're at it, admins should also check their domain status as some were warning that leftover domains can present another kind of security risk.

Similarly, there were warnings that executives' PCs, Android, BlackBerry and iOS devices were being targeted by sophisticated new malware. Also doing the rounds were reminders to address the use of USB equipment which, in some cases, is being found to have malware embedded into it.

Yet the likelihood of this happening was diminished by surveys such as one that found most admins are still failing to keep up with their regular security patches. Other research found that large UK firms still haven't gotten the message around anti-phishing security.

Passwords are another chronic security issue and one group is working to eliminate the need for them. The Open Authentication specification has now been released and is gaining currency with mobile device makers that love anything that makes mobile security easier.

iOS users may prove to be easier to manage in that sense, with users of that platform said to be than Android users. Dealing with all of those devices are CISOs, who are when it comes to cybernasties, a new IBM survey has found. Whether or not the new app store for secure apps, being [[xref: |spruiked by security-focused Blackphone, will provide new ammunition for that fight, remains to be seen.

Predictions for 2015 continued as one vendor offered its predictions about 5 trends that will be seen]] next year. Others concluded that boards of directors will in 2015 – not exactly the way you want to ring in the new year.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Read more: The Right to be Forgotten

Join CSO for the day@#csoperspectives and hear from @kimzetter @frankheidt @simplenomad Register today

Tags Enex TestLabBlackberrymalwareGoogleAndroidiosPCscyber security centreNSA spyingCSO AustraliaPOODLE flawUS DepartmentCEO Eric Schmidt

Show Comments